Requirements for Network Security
Network security requirements are derived from the analysis of risks and business goals. Business goals require the security system design to accommodate them and not hinder them; if the business isn't functioning because of security concerns, then there is a problem. Risk management involves knowing what the cost-benefit analysis of the security system determines, and how new attack techniques will play out in the network environment of your business.
There are four approved ways of dealing with risks: reduce the effect of the risk, ignore, accept, or transfer.
Reduce: a step that IT managers take to mitigate and reduce the risk to the maximum extent. The following activities play an important role in this task:
- Limitation: creates a secure environment that does not allow actions which could let a risk occur, for example by installing firewalls, using a strong authentication process, and so on.
- Assurance: ensures that standards, policies, and procedures are followed properly.
- Detection: lets you detect intrusion attempts and enables you to take actions for terminating the intrusions.
- Recovery: enables you to restore the system back to its operational state.
Ignore: no IT manager should take this option, because a risk should be reduced, accepted, or transferred in order to reduce its drastic effects.
Accept: this means being aware of the risk and knowing that it exists, but taking no action because the risk is too far-fetched or the cost of mitigating it is prohibitive.
Transfer: this involves buying insurance, since the risk cannot be accepted or reduced.
The key factors in designing a secure network include: knowing your business's need for the network, analyzing the balance of cost and risk, knowing which security policies you will need, knowing the industry's best security practices, and following security operations (response, maintenance, monitoring, audit) compliance.
Risk management can be driven from various perspectives of motivation and opportunity; this also involves the techniques and motives of hackers. According to research, hackers are now motivated by profit, whereas in the past fame and notoriety interested and appealed to them. When financial gain is the focus, hackers don't look for fame, and that is when their attacks become difficult to detect.
Threats, along with their global nature, sophistication, and pervasiveness, have evolved over the course of a few decades. The vulnerabilities linked to applications and systems have risen sharply, and the number of worms and viruses seen over the last three years has been daunting. Business outages increased unacceptably, consuming expense, time, staff, and funds that were not budgeted for such operations.
Factors Affecting the Security Architecture Design
Attacks have expanded from a single DoS attack by a single attacker against a single target to large-scale DDoS attacks originating from networks of compromised systems, known as botnets. Once an attack originates, the remaining attacks may arrive in waves, because the effects continue to appear as infected systems join networks. The recent threat vectors that show the impact of attackers are as follows:
Cognitive Threats Through Social Networks: Malicious attackers have turned to social networks to attack the social network accounts of high-profile individuals.
Consumer Electronics and PDA Exploits: High-volume attacks are carried out on consumer handheld devices. The proliferation of applications for these operating systems, and the nature of the development and certification processes for those applications, augment the problem.
Website Compromise: Popular websites are compromised by malicious attackers who do not use the website's data but use the site as a springboard for affecting its users. They make connecting users download malware.
Critical Infrastructure Disruption: This disruption is caused by the Stuxnet malware, which targets power grids, critical infrastructure, and nuclear plants by exploiting a hole in the Windows systems of the Siemens SCADA program, causing heavier and increased sabotage.
Virtualization Exploits: Attackers aim at virtual switches, virtual servers, and trust relationships at the hypervisor level. Virtualization of services and devices increases the complexity of networks; hackers are aware of this and take advantage of it.
Memory Scraping: An attack that fetches information from volatile memory is a well-known technique. It targets applications and operating systems that leave traces of encrypted data behind in memory; that encrypted data is processed in unencrypted form in volatile memory.
Hardware Hacking: This attack aims at the hardware of devices. It searches for crypto keys and uses bus sniffing, memory dumping, and firmware alteration.
IPv6-Based Attacks: These attacks arise from the migration to IPv6; the focus is on tunneling tactics and covert channels.